1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

Added the security changes suggested by Andrew - become the

user that authenticated to swat permanently (if not root).
Jeremy.
(This used to be commit 7d55bf3791)
This commit is contained in:
Jeremy Allison 1998-11-12 03:06:00 +00:00
parent 84c10df026
commit b0a2e2e778
3 changed files with 110 additions and 81 deletions

View File

@ -2657,4 +2657,5 @@ void status_page(void);
/*The following definitions come from web/swat.c */
BOOL become_user_permanently(uid_t uid, gid_t gid);
#endif /* _PROTO_H_ */

View File

@ -293,29 +293,83 @@ static void base64_decode(char *s)
/***************************************************************************
handle a http authentication line
***************************************************************************/
static int cgi_handle_authorization(char *line)
static BOOL cgi_handle_authorization(char *line)
{
char *p, *user, *pass;
char *p, *user, *user_pass;
struct passwd *pass = NULL;
int ret = False;
if (strncasecmp(line,"Basic ", 6)) {
cgi_setup_error("401 Bad Authorization", "",
"Only basic authorization is understood");
return False;
}
line += 6;
while (line[0] == ' ') line++;
base64_decode(line);
if (!(p=strchr(line,':'))) {
/*
* Always give the same error so a cracker
* cannot tell why we fail.
*/
cgi_setup_error("401 Bad Authorization", "",
"username/password must be supplied");
return False;
}
*p = 0;
user = line;
pass = p+1;
user_pass = p+1;
/*
* Try and get the user from the UNIX password file.
*/
if(!(pass = Get_Pwnam(user,False))) {
/*
* Always give the same error so a cracker
* cannot tell why we fail.
*/
cgi_setup_error("401 Bad Authorization", "",
"username/password must be supplied");
return False;
}
/*
* Validate the password they have given.
*/
if((ret = pass_check(user, user_pass, strlen(user_pass), NULL, NULL)) == True) {
/*
* Password was ok.
*/
if(pass->pw_uid != 0) {
/*
* We have not authenticated as root,
* become the user *permanently*.
*/
if(!become_user_permanently(pass->pw_uid, pass->pw_gid)) {
/*
* Always give the same error so a cracker
* cannot tell why we fail.
*/
cgi_setup_error("401 Bad Authorization", "",
"username/password must be supplied");
return False;
}
/*
* On exit from here we are the authenticated
* user - no way back.
*/
}
/* Save the users name */
C_user = strdup(user);
}
return pass_check(user, pass, strlen(pass), NULL, NULL);
return ret;
}
/***************************************************************************
@ -323,7 +377,7 @@ is this root?
***************************************************************************/
BOOL am_root(void)
{
if ((C_user) && (strcmp(C_user,"root") == 0)) {
if (geteuid() == 0) {
return( True);
} else {
return( False);
@ -393,7 +447,7 @@ run as a true cgi program by a web browser or is itself a mini web server
***************************************************************************/
void cgi_setup(char *rootdir, int auth_required)
{
int authenticated = 0;
BOOL authenticated = False;
char line[1024];
char *url=NULL;
char *p;

View File

@ -771,76 +771,64 @@ static BOOL talk_to_smbpasswd(char *old, char *new)
}
/****************************************************************************
become the specified uid
become the specified uid - permanently !
****************************************************************************/
static BOOL become_uid(uid_t uid)
BOOL become_user_permanently(uid_t uid, gid_t gid)
{
#ifdef HAVE_TRAPDOOR_UID
#ifdef HAVE_SETUIDX
/* AIX3 has setuidx which is NOT a trapoor function (tridge) */
if (setuidx(ID_EFFECTIVE, uid) != 0) {
if (seteuid(uid) != 0) {
printf("<p> Can't set uid %d (setuidx)\n", (int)uid);
if (geteuid() != 0) {
return(True);
}
/* now completely lose our privilages. This is a fairly paranoid
way of doing it, but it does work on all systems that I know of */
#ifdef HAVE_SETRESUID
/*
* Firstly ensure all our uids are set to root.
*/
setresgid(0,0,0);
setresuid(0,0,0);
/*
* Now ensure we change all our gids.
*/
setresgid(gid,gid,gid);
/*
* Now ensure all the uids are the user.
*/
setresuid(uid,uid,uid);
#else
/*
* Firstly ensure all our uids are set to root.
*/
setuid(0);
seteuid(0);
/*
* Now ensure we change all our gids.
*/
setgid(gid);
setegid(gid);
/*
* Now ensure all the uids are the user.
*/
setuid(uid);
seteuid(uid);
#endif
if (getuid() != uid || geteuid() != uid ||
getgid() != gid || getegid() != gid) {
/* We failed to lose our privilages. */
return False;
}
}
#endif
#endif
#ifdef HAVE_SETRESUID
if (setresuid(-1,uid,-1) != 0)
#else
if ((seteuid(uid) != 0) && (setuid(uid) != 0))
#endif
{
printf("<p> Couldn't set uid %d currently set to (uid %d, euid %d)\n",
(int)uid,(int)getuid(), (int)geteuid());
if (uid > (uid_t)32000) {
printf("<p> Looks like your OS doesn't like high uid values - try using a different account\n");
}
return(False);
}
if (((uid == (uid_t)-1) || ((sizeof(uid_t) == 2) && (uid == 65535))) &&
(geteuid() != uid)) {
printf("<p> Invalid uid -1. perhaps you have a account with uid 65535?\n");
return(False);
}
return(True);
}
/****************************************************************************
become the specified gid
****************************************************************************/
static BOOL become_gid(gid_t gid)
{
#ifdef HAVE_SETRESUID
if (setresgid(-1,gid,-1) != 0)
#else
if (setgid(gid) != 0)
#endif
{
printf("<p> Couldn't set gid %d currently set to (gid %d, egid %d)\n",
(int)gid,(int)getgid(),(int)getegid());
if (gid > 32000) {
printf("<p> Looks like your OS doesn't like high gid values - try using a different account\n");
}
return(False);
}
return(True);
}
/****************************************************************************
become the specified uid and gid
****************************************************************************/
static BOOL become_id(uid_t uid,gid_t gid)
{
return(become_gid(gid) && become_uid(uid));
}
/****************************************************************************
do the stuff required to add or change a password
****************************************************************************/
@ -881,19 +869,6 @@ static void chg_passwd(void)
}
}
/* Get the UID/GID of the user, and become that user */
if (am_root() == False) {
pass = Get_Pwnam(cgi_variable(user),True);
if (pass == NULL) {
printf("<p> User uid unknown \n");
} else {
if (become_id(pass->pw_uid, pass->pw_gid) == False) {
printf("<p> uid/gid set failed \n");
return;
}
}
}
#ifdef SWAT_DEBUG
if (pass) printf("<p> User uid %d gid %d \n", pass->pw_uid, pass->pw_gid);
printf("<p> Processes uid %d, euid %d, gid %d, egid %d \n",getuid(),geteuid(),getgid(),getegid());
@ -1138,4 +1113,3 @@ static void printers_page(void)
print_footer();
return 0;
}